Your AI-readiness badge is lying
Most "agent-ready" sites 404 the moment an agent actually shows up.
I learned this the boring way: by building a probe that doesn't trust the
checklist. The public agent-readiness scanners check for presence —
is there a robots.txt, a server card, a .well-known/ file.
Presence is cheap. A site can score 100% and still be useless to an agent,
because nothing it advertises actually answers when an agent knocks.
So I built the thing that knocks.
The probe doesn't ask "is the MCP server card present?" It fetches the
card, reads the endpoint, opens the connection, runs the handshake, and lists
the tools. It walks the API catalog into the linked OpenAPI. It verifies
every agent-skill digest. It follows the Link headers and
confirms the targets actually load. Then it scores navigability: not "did you
declare it" but "can an agent get from your homepage to a working tool
without dead-ending."
The first real site I pointed it at advertised its whole agent surface in
Link headers. Every single well-known path behind those headers
returned 404. Badge: green. Reality: a locked door with a "come
in" sign.
That's the gap. And the gap is the opportunity.
The fix is a two-layer web. The top layer is for humans — the design, the words, the thing you look at. The second layer is for agents — exposed tools, an A2A card, schemas, an OpenAPI catalog, a working handshake. Same site. Both real. The trick nobody does: make the human layer advertise the agent layer, so the site you read tells you the site can be operated.
So I built the machine that does it. Twenty generators for the machine layer. A single manifest as the source of truth. A probe gate between every step, so the chain can't move forward until the last thing it built actually handshakes. An orchestrator that takes a bare domain and walks it to agent-native, then re-scans to prove it — not with a badge, with a live handshake.
Presence is a costume. Handshake is the test. Build for the knock.